Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config firewall decrypted-traffic-mirror

Configure decrypted traffic mirror.

config firewall decrypted-traffic-mirror

Description: Configure decrypted traffic mirror.

edit <name>

set dstmac {mac-address}

set traffic-type {option1}, {option2}, ...

set traffic-source [client|server|...]

set interface <name1>, <name2>, ...

next

end

config firewall decrypted-traffic-mirror

Parameter

Description

Type

Size

Default

dstmac

Set destination MAC address for mirrored traffic.

mac-address

Not Specified

ff:ff:ff:ff:ff:ff

traffic-type

Types of decrypted traffic to be mirrored.

option

-

ssl

 

Option

Description

ssl

Mirror decrypted SSL traffic.

ssh

Mirror decrypted SSH traffic.

traffic-source

Source of decrypted traffic to be mirrored.

option

-

client

 

Option

Description

client

Mirror client side decrypted traffic.

server

Mirror server side decrypted traffic.

both

Mirror both client and server side decrypted traffic.

interface <name>

Decrypted traffic mirror interface

Decrypted traffic mirror interface.

string

Maximum length: 79

config firewall decrypted-traffic-mirror

Configure decrypted traffic mirror.

config firewall decrypted-traffic-mirror

Description: Configure decrypted traffic mirror.

edit <name>

set dstmac {mac-address}

set traffic-type {option1}, {option2}, ...

set traffic-source [client|server|...]

set interface <name1>, <name2>, ...

next

end

config firewall decrypted-traffic-mirror

Parameter

Description

Type

Size

Default

dstmac

Set destination MAC address for mirrored traffic.

mac-address

Not Specified

ff:ff:ff:ff:ff:ff

traffic-type

Types of decrypted traffic to be mirrored.

option

-

ssl

 

Option

Description

ssl

Mirror decrypted SSL traffic.

ssh

Mirror decrypted SSH traffic.

traffic-source

Source of decrypted traffic to be mirrored.

option

-

client

 

Option

Description

client

Mirror client side decrypted traffic.

server

Mirror server side decrypted traffic.

both

Mirror both client and server side decrypted traffic.

interface <name>

Decrypted traffic mirror interface

Decrypted traffic mirror interface.

string

Maximum length: 79